Email Phishing Attacks
Start time: Friday 13th May 11:30am
End time: Tuesday 24th May 3:15pm
Information services would like to advise that due to the recent spate of phishing attacks DIT have been blacklisted with the following internet service providers:
Any ISP using Spamcop
This means that any emails sent from a DIT email address to any of the above ISPs may not be delivered. Users may not receive a notification of delivery failure.
If users urgently need to send an email to any of the above please use a non DIT address until this issue has been resolved. Information services are working with the ISPs in question to whitelist DIT email addresses which will allow mail to be delivered normally to any email address.
Information services would like to remind all staff and students of their personal responsibility in this matter and never act upon any emails requesting usernames and passwords under any circumstances. This includes following hyperlinks in emails purporting to be from Information Services requesting password verifications/account confirmation.
DIT Information Services would like to re-iterate that we have implemented a procedure of 'Never asking Staff or Students for their password to any systems (Email, Business Applications etc) via email, for any reason, ever'.
If you suspect you may have acted upon a phishing email it is imperative that you contact the Service Desk immediately on ext 3123 to have your password changed. You should never reuse a password you suspect has been compromised. We would encourage users to be vigilant and always report any suspicious emails to the Service Desk on ext 3123 or email firstname.lastname@example.org.
Update Monday 16th May 3:00pm
DIT is no longer blacklisted by Yahoo so emails will be delivered to yahoo addresses.
Update Tuesday 17th May 12:40pm
DIT is no longer blacklisted by any of the ISPs mentioned above. There have been no phishing attacks today.
Update Tuesday 24th May 3:15pm
Information Services would like to advise that the service has been restored. We would encourage users to be vigilant and never reply to any emails requesting usernames and passwords under any circumstances.